PCF Security and Compliance Guide

For Security Professionals and PCF Users

This guide explains how Pivotal Cloud Foundry (PCF) manages network access, roles and permissions, internal communications, container hardening, and other security issues. It is intended to give security professionals a complete view of PCF security, and to help all PCF users, not just the security experts, keep the platform secure.

Security

Security Concepts:
Provides links to conceptual documentation about how security is implemented in PCF.

PCF Infrastructure Security:
Provides guidance and procedures for securing PCF infrastructure, such as hardening stemcells and managing the certificates that enable TLS communication.

Network Security:
Covers the security aspects of PCF networking, such as the paths, ports, and protocols that components use to communicate.

Credential and Identity Management:
Describes how PCF manages permissions and trust for PCF user accounts.
Also provides documentation about CredHub, the credential management system that BOSH uses to store deployment credentials and that PCF runtimes use to create and manage app and service credentials.